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DETAILED ACTION 

1 . Claims 1 -30 are pending. 

Election/Restrictions 

2. Applicant's election without traverse of claims 1-14, 15-20 and 29 in the reply 
filed on 5/2/07 is acknowledged. 

Information Disclosure Statement 

3. The information disclosure statements (IDS) submitted on 10/20/03 and 6/9/04 
are being considered by the examiner. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

5. Claims 1-20 and 29 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Forslow, U.S. Patent Application Publication No. 2002/0069278. 



Regarding claims 1 , Forslow discloses a gateway for mobile access, comprising: 
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a foreign agent (fig. 3, #31) that receives user/mobile user and mobile client (fig. 3, #14 
and #20) profile data and session state data from a home authentication, authorization 
and accounting (AAA) system of a mobile node (11[0094]); 

at least one dynamic packet filter that performs multi-layer filtering based on the user 
profile data (fig. 12&1i[0110]; 

wherein the foreign agent transfers a session from a first network to a second network 
without session interruption, using the session state data, when the mobile node moves 
from the first network to the second network (fig. 16), and 

the foreign agent uses the dynamic packet filter to permit Internet access by the mobile 
node without passing Internet data requested by the mobile node through a network in 
which the home AAA system is located (11[0139]). 

Regarding claim 2, Forslow discloses the gateway of claim 1, further comprising a MAC- 
address-based filter which blocks packets except for authentication packets that are 
used to authenticate mobile nodes (11[0131]). 

Regarding claim 3, Forslow discloses the gateway of claim 1 , wherein the dynamic 
packet filter performs network layer filtering and one of the group consisting of transport 
layer filtering and application layer filtering (1I[0088]). 

Regarding claim 4, Forslow discloses the gateway of claim 1 , further comprising a non- 
volatile storage device in which the user profile data are stored (fig. 7, #70). 
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Regarding claim 5, Forslow discloses the gateway of claim 1 , wherein the non-volatile 
storage device has a database that stores state Information for each active user session 
(1I[0014]). 



Regarding claim 6, Forslow discloses the gateway of claim 1 , wherein the gateway is 
coupled to at least one access point (fig. 3, #12), and the gateway transmits from a AAA 
server in the gateway to the access point an identification of whether a mobile node in 
communication with the access point is successfully authenticated by the AAA server 
(11[00931). 



Regarding claim 7, Forslow discloses the gateway of claim 1 , wherein the gateway 
exchanges AAA data with the home AAA system of the mobile node by way of the 
Internet, and the gateway provides Internet access to the mobile node without passing 
Internet data requested by the mobile node through the network of the home AAA 
system (1I[0139]). 



Regarding claim 8, Forslow discloses the gateway of claim 7, wherein the gateway 
relays remote authentication dial-in user service packets to the home AAA server 
(10019]). 



Regarding claim 9, Forslow discloses the gateway of claim 1 , wherein the gateway has 
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a foreign agent that communicates with the home AAA system of the mobile node, and 
the foreign agent is capable of operating in a relay mode, in which the foreign agent 
forwards packets to the home AAA of the mobile IP node for authentication, or in a 
standalone mode, in which authentication computations for the simple IP mobile node 
are performed in the gateway (li[0094]). 

Regarding claim 10, Forslow discloses the gateway of claim 1, the user profile data 
include per-user policies dynamically obtained from the home AAA server of the mobile 
node and the gateway further the dynamic packet filter is included in a firewall that uses 
packet filtering rules that depend on the per-user policies (1j[0067]). 

Regarding claim 11, Forslow discloses the gateway of claim 10, wherein the firewall 
includes rules that check a media access control address associated with each received 
packet (1I[0111]). 

Regarding claim 12, Forslow discloses the gateway of claim 1 , further comprising an 
802.1 1 access point contained within or attached to a housing of the gateway (TJ[0088]). 

Regarding claim 13, Forslow discloses the gateway of claim 1, further comprising a 
wireless modem contained within or attached to a housing of the gateway (11[0088]). 

Regarding claim 14, Forslow discloses the gateway of claim 1 . further comprising: an 



Application/Control Number: 10/689,363 Page 6 

Art Unit: 2134 

802.1 1 access point contained within or attached to a housing of the gateway; and a 
wireless modem contained within or attached to a housing of the gateway (T[[0088]). 

Regarding claim 15. Forslow discloses a gateway for mobile access, comprising: 
a foreign agent (fig. 3, #31) that receives user profile data from a home authentication, 
authorization and accounting (AAA) system of a client, when the client establishes a 
session with the gateway (11[0094]); 

a dynamic packet filter that performs multi-layer filtering based on the user profile data; 
an access point contained within or attached to a housing of the gateway, for 
communication between the gateway and the client; and 

a wireless modem contained within or attached to a housing of the gateway, wherein 
the gateway is mobile, and the modem permits wireless communication between the 
gateway and a wireless network (1|[0088]). 

Regarding claim 16, Forslow discloses the gateway of claim 15, wherein the gateway 
provides Internet access to the client without passing Internet data requested by the 
client through a network containing the home AAA system of the client (1][0139]). 

Regarding claim 17, Forslow discloses the gateway of claim 15, wherein the foreign 
agent is capable of obtaining a new IP address when the gateway moves from a first 
network to a second network (1I[01 10]). 
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Regarding claim 18, Forslow discloses the gateway of claim 16, wherein, the foreign 
agent is capable of advertising the new IP address to the client (1|[0032]). 

Regarding claim 19, Forslow discloses the gateway of claim 15, wherein the dynamic 
packet filter performs network layer filtering and one of the group consisting of transport 
layer filtering and application layer filtering (1I[0088]). 

Regarding claim 20, Forslow discloses the gateway of claim 15, further comprising a 
non-volatile storage device that stores the session state data, and means for 
transmitting the stored session state data to the client if the client loses a connection 
with the gateway and resumes the connection with the gateway (fig. 7, #70). 

Regarding claim 29, Forslow discloses a computer readable medium encoded with 
computer program code, wherein, when the code is executed by a processor, the 
processor performs a method for controlling mobile access, comprising the steps of: 
filtering incoming packets based on a media access control address of each packet 
(11[0131]); obtaining user profile data of a mobile IP node from a home authentication 
(1|[0094]), authorization and accounting (AAA) server of a mobile IP node, to determine 
whether the mobile IP node is registered to access a network by way of a gateway 
(1I[0091]); performing multi-layer filtering based on the user profile data (1I[0102]); 
transferring a session from a first network to a second network in which the mobile IP 
node is located without session interruption when the mobile node moves to the second 
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network; and providing Internet access to the mobile IP node without passing Internet 
data requested by the mobile IP node through a network in which the home AAA server 
is located (10139]). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aubrey H. Wyszynski whose telephone number is 
(571)272-8155. The examiner can normally be reached on Monday - Thursday, and 
alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571272381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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